Hi Pushpendra,
Step 1:
http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/vpnrmote.html
Step 2:
your FQDN should be reachable from outside public network
eg: remotevpn.local.com
if this is your FQDN, then if you ping remotevpn.local.com it should resolve to the interface ip address to which the VPN terminates
i.e I t should resolve to 10.10.4.200 as per this example.
Step 3: PCF file configuration
Host: remotevpn.local.com
Group name: testgroup
Group password: 44kkaol59636jnfx
check the attached snippet
Configure the remote access VPN as per the below link
Step 1:
http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/vpnrmote.html hostname(config)# interface ethernet0 hostname(config-if)# ip address 10.10.4.200 255.255.0.0 hostname(config-if)# nameif outside hostname(config)# no shutdown hostname(config)# isakmp policy 1 authentication pre-share hostname(config)# isakmp policy 1 encryption 3des hostname(config)# isakmp policy 1 hash sha hostname(config)# isakmp policy 1 group 2 hostname(config)# isakmp policy 1 lifetime 43200 hostname(config)# isakmp enable outside hostname(config)# ip local pool testpool 192.168.0.10-192.168.0.15 hostname(config)# username testuser password 12345678 hostname(config)# crypto ipsec transform-set FirstSet esp-3des esp-md5-hmac hostname(config)# tunnel-group testgroup type ipsec-ra hostname(config)# tunnel-group testgroup general-attributes hostname(config-general)# address-pool testpool hostname(config)# tunnel-group testgroup ipsec-attributes hostname(config-ipsec)# pre-shared-key 44kkaol59636jnfx hostname(config)# crypto dynamic-map dyn1 1 set transform-set FirstSet hostname(config)# crypto dynamic-map dyn1 1 set reverse-route hostname(config)# crypto map mymap 1 ipsec-isakmp dynamic dyn1 hostname(config)# crypto map mymap interface outside hostname(config)# write memory Step 2: your FQDN should be reachable from outside public network eg: remotevpn.local.com if this is your FQDN, then if you ping remotevpn.local.com it should resolve to the interface ip address to which the VPN terminates i.e I t should resolve to 10.10.4.200 as per this example.
Step 1:
http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/vpnrmote.html hostname(config)# interface ethernet0 hostname(config-if)# ip address 10.10.4.200 255.255.0.0 hostname(config-if)# nameif outside hostname(config)# no shutdown hostname(config)# isakmp policy 1 authentication pre-share hostname(config)# isakmp policy 1 encryption 3des hostname(config)# isakmp policy 1 hash sha hostname(config)# isakmp policy 1 group 2 hostname(config)# isakmp policy 1 lifetime 43200 hostname(config)# isakmp enable outside hostname(config)# ip local pool testpool 192.168.0.10-192.168.0.15 hostname(config)# username testuser password 12345678 hostname(config)# crypto ipsec transform-set FirstSet esp-3des esp-md5-hmac hostname(config)# tunnel-group testgroup type ipsec-ra hostname(config)# tunnel-group testgroup general-attributes hostname(config-general)# address-pool testpool hostname(config)# tunnel-group testgroup ipsec-attributes hostname(config-ipsec)# pre-shared-key 44kkaol59636jnfx hostname(config)# crypto dynamic-map dyn1 1 set transform-set FirstSet hostname(config)# crypto dynamic-map dyn1 1 set reverse-route hostname(config)# crypto map mymap 1 ipsec-isakmp dynamic dyn1 hostname(config)# crypto map mymap interface outside hostname(config)# write memory Step 2: your FQDN should be reachable from outside public network eg: remotevpn.local.com if this is your FQDN, then if you ping remotevpn.local.com it should resolve to the interface ip address to which the VPN terminates i.e I t should resolve to 10.10.4.200 as per this example.
